Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cd733bc0 by security tracker role at 2019-01-09T08:10:17Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,55 @@
-CVE-2019-5720 (includes/db/class.reflines_db.inc in FrontAccounting 2.4.6
contains a ...)
- - frontaccounting <removed>
-CVE-2019-5719
+CVE-2019-5736
+ RESERVED
+CVE-2019-5735
+ RESERVED
+CVE-2019-5734
+ RESERVED
+CVE-2019-5733
+ RESERVED
+CVE-2019-5732
+ RESERVED
+CVE-2019-5731
+ RESERVED
+CVE-2019-5730
+ RESERVED
+CVE-2019-5729
+ RESERVED
+CVE-2019-5728
+ RESERVED
+CVE-2019-5727
+ RESERVED
+CVE-2019-5726
RESERVED
-CVE-2019-5718
+CVE-2019-5725 (qibosoft through V7 allows remote attackers to read arbitrary
files via ...)
+ TODO: check
+CVE-2019-5724
RESERVED
-CVE-2019-5717
+CVE-2019-5723
RESERVED
-CVE-2019-5716
+CVE-2019-5722
RESERVED
+CVE-2019-5721 (In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash.
This was ...)
+ TODO: check
+CVE-2018-20677 (In Bootstrap before 3.4.0, XSS is possible in the affix
configuration ...)
+ TODO: check
+CVE-2018-20676 (In Bootstrap before 3.4.0, XSS is possible in the tooltip
data-viewport ...)
+ TODO: check
+CVE-2018-20675 (D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before
...)
+ TODO: check
+CVE-2018-20674 (D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before
...)
+ TODO: check
+CVE-2016-10735 (In Bootstrap 3.x before 3.4.0 and 4.x-beta before
4.0.0-beta.2, XSS is ...)
+ TODO: check
+CVE-2019-5720 (includes/db/class.reflines_db.inc in FrontAccounting 2.4.6
contains a ...)
+ - frontaccounting <removed>
+CVE-2019-5719 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP
dissector ...)
+ TODO: check
+CVE-2019-5718 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE
dissector and ...)
+ TODO: check
+CVE-2019-5717 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL
dissector ...)
+ TODO: check
+CVE-2019-5716 (In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash.
This ...)
+ TODO: check
CVE-2019-5715
RESERVED
CVE-2019-5714
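Review bot: the five Wireshark entries added here (CVE-2019-5716, CVE-2019-5717, CVE-2019-5718, CVE-2019-5719, CVE-2019-5721) and the three Bootstrap entries (CVE-2018-20676, CVE-2018-20677, CVE-2016-10735) arrive with only TODO: check, and both projects are packaged in Debian, so each needs a source-package line with a fixed version or <unfixed> rather than a NOT-FOR-US marking. The qibosoft and D-Link DIR-822 entries are the likely NOT-FOR-US candidates. CVE-2019-5720 is removed at the top of the hunk and re-added further down with its "- frontaccounting <removed>" line intact, so that annotation survives the reordering.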
@@ -4514,7 +4556,7 @@ CVE-2019-3499
RESERVED
CVE-2019-3498 [Content spoofing possibility in the default 404 page]
RESERVED
- {DLA-1629-1}
+ {DSA-4363-1 DLA-1629-1}
- python-django 1:1.11.18-1 (bug #918230)
NOTE:
https://www.djangoproject.com/weblog/2019/jan/04/security-releases/
NOTE:
https://github.com/django/django/commit/1cd00fcf52d089ef0fe03beabd05d59df8ea052a
(1.11.x)
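Review bot: CVE-2019-3498 still reads RESERVED with only the bracketed temporary description, although it now carries {DSA-4363-1 DLA-1629-1} and a fixed version 1:1.11.18-1 for python-django. Keep the bracketed text in place until a public description is imported, so the entry stays identifiable next to the advisory tags.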
@@ -13261,8 +13303,8 @@ CVE-2019-0624
RESERVED
CVE-2019-0623
RESERVED
-CVE-2019-0622
- RESERVED
+CVE-2019-0622 (An elevation of privilege vulnerability exists when Skype for
Andriod ...)
+ TODO: check
CVE-2019-0621
RESERVED
CVE-2019-0620
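Review bot: the description imported for CVE-2019-0622 spells the product "Skype for Andriod"; that is the text as imported, and a local correction may be overwritten by a later automatic update, so the spelling is better reported to the source of the description. The entry is left at TODO: check; Skype for Android is not a Debian package, so it can be closed with a NOT-FOR-US line in the style this file already uses.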
@@ -13329,112 +13371,112 @@ CVE-2019-0590
RESERVED
CVE-2019-0589
RESERVED
-CVE-2019-0588
- RESERVED
+CVE-2019-0588 (An information disclosure vulnerability exists when the
Microsoft ...)
+ TODO: check
CVE-2019-0587
RESERVED
-CVE-2019-0586
- RESERVED
-CVE-2019-0585
- RESERVED
-CVE-2019-0584
- RESERVED
-CVE-2019-0583
- RESERVED
-CVE-2019-0582
- RESERVED
-CVE-2019-0581
- RESERVED
-CVE-2019-0580
- RESERVED
-CVE-2019-0579
- RESERVED
-CVE-2019-0578
- RESERVED
-CVE-2019-0577
- RESERVED
-CVE-2019-0576
- RESERVED
-CVE-2019-0575
- RESERVED
-CVE-2019-0574
- RESERVED
-CVE-2019-0573
- RESERVED
-CVE-2019-0572
- RESERVED
-CVE-2019-0571
- RESERVED
-CVE-2019-0570
- RESERVED
-CVE-2019-0569
- RESERVED
-CVE-2019-0568
- RESERVED
-CVE-2019-0567
- RESERVED
-CVE-2019-0566
- RESERVED
-CVE-2019-0565
- RESERVED
-CVE-2019-0564
- RESERVED
+CVE-2019-0586 (A remote code execution vulnerability exists in Microsoft
Exchange ...)
+ TODO: check
+CVE-2019-0585 (A remote code execution vulnerability exists in Microsoft Word
...)
+ TODO: check
+CVE-2019-0584 (A remote code execution vulnerability exists when the Windows
Jet ...)
+ TODO: check
+CVE-2019-0583 (A remote code execution vulnerability exists when the Windows
Jet ...)
+ TODO: check
+CVE-2019-0582 (A remote code execution vulnerability exists when the Windows
Jet ...)
+ TODO: check
+CVE-2019-0581 (A remote code execution vulnerability exists when the Windows
Jet ...)
+ TODO: check
+CVE-2019-0580 (A remote code execution vulnerability exists when the Windows
Jet ...)
+ TODO: check
+CVE-2019-0579 (A remote code execution vulnerability exists when the Windows
Jet ...)
+ TODO: check
+CVE-2019-0578 (A remote code execution vulnerability exists when the Windows
Jet ...)
+ TODO: check
+CVE-2019-0577 (A remote code execution vulnerability exists when the Windows
Jet ...)
+ TODO: check
+CVE-2019-0576 (A remote code execution vulnerability exists when the Windows
Jet ...)
+ TODO: check
+CVE-2019-0575 (A remote code execution vulnerability exists when the Windows
Jet ...)
+ TODO: check
+CVE-2019-0574 (An elevation of privilege vulnerability exists when the Windows
Data ...)
+ TODO: check
+CVE-2019-0573 (An elevation of privilege vulnerability exists when the Windows
Data ...)
+ TODO: check
+CVE-2019-0572 (An elevation of privilege vulnerability exists when the Windows
Data ...)
+ TODO: check
+CVE-2019-0571 (An elevation of privilege vulnerability exists when the Windows
Data ...)
+ TODO: check
+CVE-2019-0570 (An elevation of privilege vulnerability exists when the Windows
...)
+ TODO: check
+CVE-2019-0569 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
+CVE-2019-0568 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2019-0567 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2019-0566 (An elevation of privilege vulnerability exists in Microsoft
Edge ...)
+ TODO: check
+CVE-2019-0565 (A remote code execution vulnerability exists when Microsoft
Edge ...)
+ TODO: check
+CVE-2019-0564 (A denial of service vulnerability exists when ASP.NET Core
improperly ...)
+ TODO: check
CVE-2019-0563
RESERVED
-CVE-2019-0562
- RESERVED
-CVE-2019-0561
- RESERVED
-CVE-2019-0560
- RESERVED
-CVE-2019-0559
- RESERVED
-CVE-2019-0558
- RESERVED
-CVE-2019-0557
- RESERVED
-CVE-2019-0556
- RESERVED
-CVE-2019-0555
- RESERVED
-CVE-2019-0554
- RESERVED
-CVE-2019-0553
- RESERVED
-CVE-2019-0552
- RESERVED
-CVE-2019-0551
- RESERVED
-CVE-2019-0550
- RESERVED
-CVE-2019-0549
- RESERVED
-CVE-2019-0548
- RESERVED
-CVE-2019-0547
- RESERVED
-CVE-2019-0546
- RESERVED
-CVE-2019-0545
- RESERVED
+CVE-2019-0562 (An elevation of privilege vulnerability exists when Microsoft
...)
+ TODO: check
+CVE-2019-0561 (An information disclosure vulnerability exists when Microsoft
Word ...)
+ TODO: check
+CVE-2019-0560 (An information disclosure vulnerability exists when Microsoft
Office ...)
+ TODO: check
+CVE-2019-0559 (An information disclosure vulnerability exists when Microsoft
Outlook ...)
+ TODO: check
+CVE-2019-0558 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft ...)
+ TODO: check
+CVE-2019-0557 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft ...)
+ TODO: check
+CVE-2019-0556 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft ...)
+ TODO: check
+CVE-2019-0555 (An elevation of privilege vulnerability exists in the Microsoft
...)
+ TODO: check
+CVE-2019-0554 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
+CVE-2019-0553 (An information disclosure vulnerability exists when Windows
Subsystem ...)
+ TODO: check
+CVE-2019-0552 (An elevation of privilege exists in Windows COM Desktop Broker,
aka ...)
+ TODO: check
+CVE-2019-0551 (A remote code execution vulnerability exists when Windows
Hyper-V on a ...)
+ TODO: check
+CVE-2019-0550 (A remote code execution vulnerability exists when Windows
Hyper-V on a ...)
+ TODO: check
+CVE-2019-0549 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
+CVE-2019-0548 (A denial of service vulnerability exists when ASP.NET Core
improperly ...)
+ TODO: check
+CVE-2019-0547 (A memory corruption vulnerability exists in the Windows DHCP
client ...)
+ TODO: check
+CVE-2019-0546 (A remote code execution vulnerability exists in Visual Studio
when the ...)
+ TODO: check
+CVE-2019-0545 (An information disclosure vulnerability exists in .NET
Framework and ...)
+ TODO: check
CVE-2019-0544
RESERVED
-CVE-2019-0543
- RESERVED
+CVE-2019-0543 (An elevation of privilege vulnerability exists when Windows
improperly ...)
+ TODO: check
CVE-2019-0542
RESERVED
-CVE-2019-0541
- RESERVED
+CVE-2019-0541 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
CVE-2019-0540
RESERVED
-CVE-2019-0539
- RESERVED
-CVE-2019-0538
- RESERVED
-CVE-2019-0537
- RESERVED
-CVE-2019-0536
- RESERVED
+CVE-2019-0539 (A remote code execution vulnerability exists in the way that
the ...)
+ TODO: check
+CVE-2019-0538 (A remote code execution vulnerability exists when the Windows
Jet ...)
+ TODO: check
+CVE-2019-0537 (An information disclosure vulnerability exists when Visual
Studio ...)
+ TODO: check
+CVE-2019-0536 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
CVE-2018-19607 (Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows
remote ...)
[experimental] - exiv2 <unfixed> (bug #915134)
- exiv2 <not-affected> (Vulnerable code introduced later)
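Review bot: all entries added in this hunk, from CVE-2019-0536 to CVE-2019-0588, are left at TODO: check, and wherever the truncated description names a product it is a Microsoft one (Windows, Word, Office, Outlook, Exchange, Edge, Hyper-V, Visual Studio, ASP.NET Core, .NET Framework), so the batch can be triaged in one pass with a NOT-FOR-US line. Four descriptions (CVE-2019-0568, CVE-2019-0567, CVE-2019-0541, CVE-2019-0539) are cut off at "in the way that the ..." before any product name appears; read the full description for those before closing them with the rest.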
@@ -14145,30 +14187,30 @@ CVE-2019-0251
RESERVED
CVE-2019-0250
RESERVED
-CVE-2019-0249
- RESERVED
-CVE-2019-0248
- RESERVED
-CVE-2019-0247
- RESERVED
-CVE-2019-0246
- RESERVED
-CVE-2019-0245
- RESERVED
-CVE-2019-0244
- RESERVED
-CVE-2019-0243
- RESERVED
+CVE-2019-0249 (Under certain conditions SAP Landscape Management (VCM 3.0)
allows an ...)
+ TODO: check
+CVE-2019-0248 (Under certain conditions SAP Gateway of ABAP Application Server
(fixed ...)
+ TODO: check
+CVE-2019-0247 (SAP Cloud Connector, before version 2.11.3, allows an attacker
to ...)
+ TODO: check
+CVE-2019-0246 (SAP Cloud Connector, before version 2.11.3, does not perform
any ...)
+ TODO: check
+CVE-2019-0245 (SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02;
WEBCUIF ...)
+ TODO: check
+CVE-2019-0244 (SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02;
WEBCUIF ...)
+ TODO: check
+CVE-2019-0243 (Under some circumstances, masterdata maintenance in SAP
BW/4HANA ...)
+ TODO: check
CVE-2019-0242
RESERVED
-CVE-2019-0241
- RESERVED
-CVE-2019-0240
- RESERVED
+CVE-2019-0241 (SAP Work and Inventory Manager (Agentry_SDK , before 7.0, 7.1)
allows ...)
+ TODO: check
+CVE-2019-0240 (SAP Business Objects Mobile for Android (before 6.3.5)
application ...)
+ TODO: check
CVE-2019-0239
RESERVED
-CVE-2019-0238
- RESERVED
+CVE-2019-0238 (SAP Commerce (previously known as SAP Hybris Commerce), before
version ...)
+ TODO: check
CVE-2019-0237
RESERVED
CVE-2019-0236
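Review bot: the ten entries added here (CVE-2019-0238, CVE-2019-0240, CVE-2019-0241 and CVE-2019-0243 to CVE-2019-0249) all describe SAP products and are left at TODO: check. Older SAP entries in this file are closed as NOT-FOR-US: SAP, and the same line applies to these.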
@@ -15250,45 +15292,45 @@ CVE-2019-0087
CVE-2019-0086
RESERVED
CVE-2018-19269
- RESERVED
+ REJECTED
CVE-2018-19268
- RESERVED
+ REJECTED
CVE-2018-19267
- RESERVED
+ REJECTED
CVE-2018-19266
- RESERVED
+ REJECTED
CVE-2018-19265
- RESERVED
+ REJECTED
CVE-2018-19264
- RESERVED
+ REJECTED
CVE-2018-19263
- RESERVED
+ REJECTED
CVE-2018-19262
- RESERVED
+ REJECTED
CVE-2018-19261
- RESERVED
+ REJECTED
CVE-2018-19260
- RESERVED
+ REJECTED
CVE-2018-19259
- RESERVED
+ REJECTED
CVE-2018-19258
- RESERVED
+ REJECTED
CVE-2018-19257
- RESERVED
+ REJECTED
CVE-2018-19256
- RESERVED
+ REJECTED
CVE-2018-19255
- RESERVED
+ REJECTED
CVE-2018-19254
- RESERVED
+ REJECTED
CVE-2018-19253
- RESERVED
+ REJECTED
CVE-2018-19252
- RESERVED
+ REJECTED
CVE-2018-19251
- RESERVED
+ REJECTED
CVE-2018-19250
- RESERVED
+ REJECTED
CVE-2018-19249 (The Stripe API v1 allows remote attackers to bypass intended
access ...)
TODO: check
CVE-2018-19248 (The web service on Epson WorkForce WF-2861 10.48 ...)
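Review bot: none of the twenty ids from CVE-2018-19250 to CVE-2018-19269 carried a package or NOTE line before the change from RESERVED to REJECTED, so no Debian annotation is left attached to a rejected id and no follow-up is needed for this block. The unchanged CVE-2018-19249 entry below it is still at TODO: check and remains open for triage.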
@@ -22366,6 +22408,7 @@ CVE-2018-16470 (There is a possible DoS vulnerability
in the multipart parser in
CVE-2018-16469 (The merge.recursive function in the merge package v <1.2
can be ...)
NOT-FOR-US: merge package v
CVE-2018-16468 (In the Loofah gem for Ruby, through v2.2.2, unsanitized
JavaScript may ...)
+ {DSA-4364-1}
- ruby-loofah 2.2.3-1 (bug #912398)
NOTE: https://github.com/flavorjones/loofah/issues/154
NOTE:
https://github.com/flavorjones/loofah/commit/71e4b5434fbcb2ad87643f0c9fecfc3a847943c4
(v2.2.3)
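Review bot: the {DSA-4364-1} tag on CVE-2018-16468 is the only change in this hunk, and the commit touches data/CVE/list alone, so the advisory record the tag refers to cannot be checked from this diff; confirm that it names this CVE and ruby-loofah. The same applies to the {DSA-4363-1} tag added to CVE-2019-3498 earlier in the patch.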
@@ -61279,8 +61322,8 @@ CVE-2018-2501
RESERVED
CVE-2018-2500 (Under certain conditions SAP Mobile Secure Android client
(before ...)
NOT-FOR-US: SAP
-CVE-2018-2499
- RESERVED
+CVE-2018-2499 (A security weakness in SAP Financial Consolidation Cube
Designer ...)
+ TODO: check
CVE-2018-2498
RESERVED
CVE-2018-2497 (The security audit log of SAP HANA, versions 1.0 and 2.0, does
not log ...)
@@ -61309,8 +61352,8 @@ CVE-2018-2486 (SAP Marketing (UICUAN (1.20, 1.30,
1.40), SAPSCORE (1.13, 1.14))
NOT-FOR-US: SAP
CVE-2018-2485 (It is possible for a malicious application or malware to
execute ...)
NOT-FOR-US: SAP
-CVE-2018-2484
- RESERVED
+CVE-2018-2484 (SAP Enterprise Financial Services (fixed in SAPSCORE 1.13,
1.14, 1.15; ...)
+ TODO: check
CVE-2018-2483 (HTTP Verb Tampering is possible in SAP BusinessObjects Business
...)
NOT-FOR-US: SAP
CVE-2018-2482 (SAP Mobile Secure Android Application, Mobile-secure.apk
Android ...)
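Review bot: CVE-2018-2484 is added as TODO: check although the SAP entries around it (CVE-2018-2486 and CVE-2018-2485 above, CVE-2018-2483 below) are already NOT-FOR-US: SAP; mark it the same way. CVE-2018-2499 in the previous hunk is in the same position, directly below CVE-2018-2500, which carries that marking.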
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cd733bc0f4a60b1f85bc5de8eeb99f5e8a005bb0